Subscribe
Sunday, April 26, 2026
type here...
Subscribe
HomeTagsVulnerability

Tag: Vulnerability

New 7-Zip Vulnerability Lets RAR5 Files Crash Systems

A critical vulnerability in the popular 7-Zip file archiver has been discovered and patched, allowing malicious actors to craft weaponized RAR5 files that can crash systems and potentially corrupt memory. The security vulnerability, designated CVE-2025-53816, affects 7-Zip versions prior to 25.00 and demonstrates how...
Read more

SharePoint 0-Day RCE Vulnerability Allowing Full Server Compromise

A critical zero-day vulnerability in Microsoft SharePoint servers, designated CVE-2025-53770, that allows attackers to achieve remote code execution without authentication. The security firm discovered the threat during routine monitoring on July 18, 2025, when their CrowdStrike Falcon EDR deployment flagged suspicious activity on a...
Read more

Active Exploitation of New CrushFTP 0-Day Vulnerability Grants Attackers Server Access

A critical zero-day vulnerability in CrushFTP servers has been actively exploited by attackers since July 18th, 2025, with security researchers confirming widespread attacks targeting unpatched installations. The vulnerability, designated CVE-2025-54309, affects all CrushFTP version 10 installations below 10.8.5 and version 11 installations below 11.3.4_23,...
Read more

Ubiquiti UniFi Device Vulnerability Enables Remote Command Injection by Attackers

Ubiquiti Networks has disclosed a critical security vulnerability affecting multiple UniFi Access devices that could enable malicious actors to execute arbitrary commands through improper input validation. The vulnerability, assigned CVE-2025-27212 and discovered by security researchers Bongeun Koo and Junhyung Cho, carries a maximum CVSS...
Read more

Lenovo Protection Driver Vulnerability Allows Privilege Escalation and Remote Code Execution

A critical buffer overflow vulnerability has been identified in Lenovo’s Protection Driver, exposing users of various Lenovo applications to potential local privilege escalation and remote code execution. Lenovo has cautioned affected users to update key applications immediately to mitigate exploitation risks. Lenovo Security Advisory LEN-195370...
Read more

Hackers Exploit Signal App Clone Vulnerability to Steal Passwords

A critical security vulnerability in TeleMessageTM SGNL, an enterprise messaging system designed to mirror Signal's secure communication features, has been actively exploited by cybercriminals since its disclosure in May 2025. The vulnerability, designated CVE-2025-48927, affects government agencies and enterprises using the platform to archive...
Read more

About us

The Cyber News is an online community for security professionals. It features articles from top security researchers, CISOs, and technology experts.

Company

The latest

Burp Suite Supercharges Its Scanning Capabilities With React2Shell Vulnerability Detection

Cybersecurity News 0
PortSwigger has leveled up Burp Suite's scanning arsenal with...

Malicious MCP Servers Enable New Prompt Injection Attack To Drain Resources

Cybersecurity News 0
Unit 42 researchers at Palo Alto Networks exposed serious...

Law Enforcement Detains Hackers Equipped With Specialized Flipper Hacking Tools

Cyber News 0
Polish police have arrested three Ukrainian men traveling through...

Subscribe

© 2025 the Cyber News